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SECURE DATA ENTRY PERIPHERAL DEVICE 
FIELD OF THE INVENTION 

The present invention relates to data entry peripheral devices such as 
keyboards, computer mouse pointing devices, voice recognition devices and the like, 
and more particularly, to an encryption system applied directly in the data entry 
peripheral device for insuring secure data transmission, including transactional and 
credit card information, and for preventing unauthorized copying and use of software 
programs or packages. 

BACKGROUND OF THE INVENTION 

The rise ofthe Internet data highway has dramatically increased the need 
for secure data transmission, to enable a tried and true basis for electronic funds and 
other secret data transfer and consumer purchase transactions. Credit card 
information, banking account numbers and other sensitive data are vulnerable to 
unauthorized use when placed on a data communications network, hence the need 
for secure transactions. The expected rise in the number of Internet transactions 
of this type will reach a value of $300 billion in the near future, and the electronic 
Internet servers and all ofthe associated data processing equipment need to adapt 
to this new approach to financial and secure data transactions. 

Another related problem is presented by unauthorized copying or use of 
software programs or packages, which creates heavy software industry losses. 

There are known methods and apparatus for providing security in data 
communications including data encryption techniques, Tire-walls' and others. Many 
examples of this technology exist, and there are even computer keyboard-related 



1 



.ecMcues which are described, for example, in US Patents 5,748.S88 .0 Angelo e, 

al, and 5, 406,624 to Tulpan. 

The Angelo patent discloses secure keyboard communications in 
a computer system. A request for private keyboard communicat.ons generates a 
secure system management interrupt, which directs specialized hardware to 
intercept and divert keyboard interrupts so that keyboard data is communicated 
only .0 a black-box security device controlling access to protected system 
resources, thereby protecting keyboard data from interception by malicious software. 

The Tulpan patent discloses a processor unit connectable between a 
keyboard and a computer, which enables data to be transmitted to the computer in 
selected fashion, either via a transparent mode or via one of a plurality of special 
handling modes. In the transparent mode, the keyboard data passes without 
any change being made in the data, and in the special handling mode, a security 
program .s executed while secret data inputted via the keyboard data is isolated from 
the computer. 

As described above, a tremendous increase is expected in the number 
and types of data transactions requiring high levels of security for the mass market 
of on-line purchasers and Interne, users In order to acWeve such high rates of growth 
in this application, the level of sophistication of the user must also increase, so that 
theoperationofsecure datatransactionsis a fan^liar and acceptable activity. In .he 

patents listed above, the devices utilized are add-on units which may no. 

presen. user-friendly approaches to achieving secure da.a.ransactions..due to 

complications in software and hardware installation and operation. 

I, would be desirable, therefore. ,o provide me*od, and appara.us which 

are user-fnendly for enabling quick, simple and ea.y ini.ia,ion and completion of 
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secure data transactions with a high degree of user confidence in the security level, 
and preventing unauthorized copying and use of software programs and packages. 

SUMMARY OF THE INVENTION 
Accordingly, it is a principal object of the present invention to overcome 
the disadvantages of prior art techniques used in secure data transactions, by 
providing a quick, simple and easy to use method of insuring a high level of security 
in such transactions, using a specially-designed keyboard, computer mouse, or voice 

recognition circuit. 

In accordance with a preferred embodiment of the present invention, 
there is provided a secure data entry peripheral device in a computer system, said 

device comprising: 

means for at least one of entry, collection and reading of data information; 
controller means for encoding said data information for presentation to the 

computer system, and 

means associated with said controller for processing said encoded data 

information by performing thereon at least one operation amongst operations including 
encryption, decryption, data manipulation and storage, 

said processed encoded data information providing a secure transaction 
when transmitted within the computer system, and when decrypted and decoded for 

use at a remote location. 

In the preferred embodiment, the inventive secure data entry peripheral 
device encryption technique is integrated within the device itself, and is not carried 
out separately on the computer unit or attached devices wires or add on software 
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programs, so that each transmission of data from the peripheral device is already 
encrj'pted, giving it a high level of security with its initial transmission from the device. 

Encryption of data on the proposed single chip microprocessor is 
completely secure because the 'Key board'. 'Data entry' or 'Analog voice' encoding 
and encryption are on the same chip.There is no external access or opportunity for 
external interference which could compromise the integrity of the data. This approach 
enables maintenance of a high security level. 

The inventive device can be applied to a keyboard, computer mouse or 

voice recognition circuit which are used as data entry devices. Since each device 
utilizes an electronics board or microcontroller in its standard configuration, the 
encryption technique of the present invention can be applied easily and efficiently, 
raising the security level of the design. 

The inventive device may also employ a contact or contactless Smartcard 

adaptor to enhance the total security of the system. 

Other features and advantages of the invention will become apparent 
from the following drawings and description. 

BRIEF DESCRIPTION OF THE DRAWINGS 

For a better understanding of the invention with regard to the embodiments 
thereof, reference is made to the accompanying drawings, in which like numerals 
designate corresponding elements or sections throughout, and in which. 

Fig. 1 is an overall plan view of a secure computer mouse 
peripheral device constructed and operated in accordance with the principles of the 

present invention; 

Fig. 2 is an electronic block diagram of a secure computer mouse 



microcontroller included in the Fig. 1 computer mouse peripheral device; 

Fig. 3 is an overall view of a secure keyboard peripheral device 
constructed and operated in accordance with the principles of the present invention; 

Fig. 4 is an electronic block diagram of a secure keyboard 
microcontroller included in the Fig. 3 peripheral device; 

Fig. 5 is an electronic block diagram of a secure voice recognition 
peripheral device constructed in accordance with the principles of the present 
invention; 

Figs. 6a-b show a flowchart describing a typical purchase transaction using 
the secure I/O device of the present invention; and 

Fig. 7 is a flowchart of an authentication routine used in the purchase 
transaction of Figs. 6a-b. 

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS 

In the following description of secure data entry peripheral devices in a 
computer system, the term "secure" is used to describe secure devices such as 'Smart 
card' or 'Secure Integrated circuit' or 'Electronic coin* or other secured components. 

Referring now to Fig. 1, there is shown an overall plan view of a secure 
computer mouse peripheral device 10 constructed and operated in accordance with 
the principles of the present invention. Computer mouse device 10 has a 
microcontroller or an independent logic system which reads optical signals and sends 
pulses in an asynchronous serial RS 232 format to a serial communication channel 
via cable 11, or via a computer mouse interface connected directly into the bus of 
a computer. Thus, the following description applies to computer mouse 



communications either via a serial communications port or a card inserted into the 
computer bus. The reference to a secure mouse includes similar devices such as a track 
ball or pad or any other computer pointing device in one, two or more dimensions. 

Normally, data communications with the secure computer mouse 10 
are performed by a service program running on the computer. The present 
invention enables entry of data by selection of numbers and values which are 
presented to the user on the computer screen. The selected numbers and values 
have a secret content or a monetary value, and are sent back by the secure 
computer mouse 10 as encrypted data after a special command is sent from the 
computer service program to the secure computer mouse 10, or the command is 
enteredby an external signal like one of the mouse keys. This special command is 
decoded by secure computer mouse 10 and the data to which computer mouse 10 
already points is encrypted directly by the microcontroller associated with the secure 
computer mouse 10. 

Alternatively, when the program running on the computer issues a special 
command as follows: encrypt / decrypt data which follows the command, then this 
command is interpreted directly by the microcontroller associated with the secure 
computer niouse. 10, thus giving it a high security level. 

Alternatively, in order to increase the level of security the numbers and 
values can be entered via an optional mini-keypad 16 on computer mouse 10. 

In this fashion, the encryption unit in secure computer mouse 10 
is an acceptable unit to a wide cross-section of computer users. The security level of 
data encrypted in this fashion is the highest possible since no code or system 
encryption key is run on the computer service program or stored on the computer disk. 



The secure computer mouse 1 0 can provide various levels of 
encryption and security. In addition to the standard computer mouse operating 
software, a large number of encryption/decryption programs are provided. Those 
encryption/decryption programs are uniform in every type of secure computer mouse 
10, and includes various encryption algorithms, such as standard DES (data encryption 
standard) functions, 3-DES, RC2-RCn, IDEA, HASH, CAST, a dynamic exchange of 
system encryption keys, and public key technology such as RSA algorithms, Diflfie- 
Hellman, etc. 

Each secure computer mouse 10 has a 'member number' permanently 
encoded in it, which remains even if the encryption keys are changed. 
The permanent encoding of a private key, a public (RSA) algorithm seed, 
Keyl and Key2 of a DES algorithm can be achieved by automatic encoding, 
without human intervention so that complete security is insured while keeping 
a user friendly environment 

The 'member number' is a silicon file containing tens of characters. 
The 'member number' contains the default value of the encryption keys, personal 
identification number (PIN), attribute codes and control and rescue code. 
By a special procedure involving the PIN number, the user can change the DES keys 
and public and private keys as well. 

In accordance with the invention, there are two available levels of 
security for secure computer mouse device 10, Level I and Level II. 

In Level I, secure computer mouse 10 enables entry of data by selection 
of numbers and values which are presented to the user on the computer screen. 
Alternatively, the data can be entered via optional mini-keypad 16 on secure computer 
mouse 10. These numbers and data values are encrypted by various methods. 



including, DES or 3-DES, RC2.RCn, IDEA, HASH, CAST, a dynamic exchange of 
system encr>'ption keys, and public key technology such as RSA algorithms, Diffie- 
Hellman, etc. There is no access to the system key which is permanently encoded in 
the microcontroller ofsecure computer mouse lOThere is also no access to the 
'member number' permanently encoded in the microcontroller of secure computer 
mouse 10. 

To obtain a secure I/O communication link from secure computer mouse 
10, a secure I/O negotiation begins with a bi-directional authentication routine. Once 
this is achieved, the data which is entered via the secure computer mouse 10 is then 
encrypted and can be sent directly or via the secure I/O communication link to a 
service provider, at a remote location. The Level I security level is intended for 
purchases via the Internet, involving relatively small sums. 

Jn the Level II security level, the secure computer mouse 10 is constructed 
with a 'Smart card' interface 12, typically located on the lower section of the mouse 
housing. This arrangement will enable both Levels I and II to be performed. An 
encryption/decryption routine can be used which integrates the microcontroller in 
secure computer mouse 10, with a 'Smartcard' security (encryption/decryption) 
algorithm, and this integration greatly enhances the overall security of the secure 
computer mouse 10. 

Integration of the secure computer mouse 10 microcontroller and the 
'Smartcard' security (encryption/decryption) algorithm enables secure computer 
mouse 10 to continually adopt new security methodologies and encryption/decryption 
algorithms, which are provided on the 'Smartcard' 14. 
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The Level II security level makes it possible for banking institutions, 
which require a high level of security for transfer of encrypted data and files, to handle 
electronic transfer of large sums of money as well as transfers between them. 

The advantage of using a secure computer mouse 10 for encryption 
of data is that it is extremely easy, since the user is accustomed to performing 
computer operations via the computer mouse. Thus, practically no training or 
explanation is needed in use of secure computer mouse 10, and the classification of 
computers and new models generally does not affect the operation of the secure 
computer mouse device 10. 

If a change is to be made in the system encryption key, due to a breach in 
system security, this can be performed by transmission of new system encryption 
keys coded by a public key algorithm. It is possible to arrange a plurality of system 
encryption keys which can be automatically replaced on a regular basis in relation 
to the time of day, or the date. 

The Level II security level can be applied to prevent unauthorized use of 
software programs or packages, by use of the secure computer mouse 10, with the 
addition of a Smartcard by the manufacturer of the software product. The software 
package serial number is encrypted onto the Smartcard, which is inserted into the 
Smartcard interface 12, and when decrypted, the software is enabled. 

The Level II secure computer mouse 10 achieves better security in an 
easier fashion than the security plugs now typically used as an attachment device to a 
keyboard or printer interface. 

The secure computer mouse 10 may be applied in ail environments, 
including banks and commercial entities, so that their data processing systems 
have the system encryption key stored in the computer mouse. In this way, the 



system encr>'ption key is not kept or stored on any disk, or in the computer memory, 
where it may be exposed to illegal tampering or attempts to breach security. 

Referring now to Fig. 2, there is shown an electronic block diagram of a 
secure computer mouse microcontroller 25 included in the Fig. 1 mouse peripheral 
device 10. A pair of position optical encoders 20, 22 feed position information 
provided by the mouse trackball as input to the mouse microcontroller 25. 

Microcontroller 25 can be implemented in accordance with skill of the art 
electronic design techniques, and comprises functional blocks including a CPU 26, 
flash memory or EEPROM 28 containing code and default (transport) 'member 
number' value. Microcontroller 25 also comprises RAM working registers 30, and 
EEPROM data storage memory 31, which will hold alternate encryption keys, a 
software package serial number, and historical transaction buffer, which records the 
last 10 transactions, for example, on the EEPROM memory 31, to resolve billing 
disputes. Microcontroller 25 also comprises public key algorithm 32. Mouse device 10 
is connected via an RS-232 connector 34 for serial communication with the host 
computer, or it may be connected via the mouse interface card directly to the 
computer bus. 

As shown in Option A, a 'Smartcard' adapter 36 may be added to the 
system to provide for operation with system encryption keys encoded on the 
Smartcard 14, or with a Smartcard PIN number or Smartcard security algorithm. 

In Fig. 3 there is shown an overall view of a secure keyboard peripheral 
device 40 constructed and operated in accordance with the principles of the 
present invention. 

Keyboard 40 has a stand-alone microcontroller having an embedded code 
and is connected via cable 41 to a keyboard interface in the computer. In 
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accordance with the principles of the present invention, a standard keyboard can be 
replaced by a secure keyboard 40 having a high security level. Keyboard 40 
features an optional magnetic card reader 42 and a optional Smartcard interface 
44, operating as described further herein. 

Normally, data communications with the secure keyboard 40 are 
performed by a service program running on the computer. The present invention 
enables entry via secure keyboard 40 of data containing numbers and values, which 
have a secret content or a monetary value, and this data is entered directly via secure 
keyboard 40. Thus, the data is sent already encrypted directly by the 
microcontroller associated with the secure keyboard 40, giving it a high security level. 
In this fashion, the encryption unit in secure keyboard 40 is the unit that performs, 
keyboard encoding. The security level of data encrypted in this fashion is the 
highest possible since no code or system encryption key is run on the computer. 

Secure keyboard 40 can provide, with a different encryption key, the 
decryption of data sent to it by the computer, for purposes of authentication, 
etc. The secure keyboard 40 can provide various levels of encryption and 
security. In addition to the standard keyboard operating software, an encryption 
program is provided. The encryption program is uniform in every type of secure 
keyboard 40, and these numbers and data values are encrypted by various methods, 
including, DES or 3-DES, RC2-RCn, IDEA, HASH, CAST, a dynamic exchange of 
system encryption keys, and public key technology such as RSA algorithms, Dififie- 
Hellman, etc. There is no access to the system key which is permanently 
encoded in the microcontroller of secure keyboard 40. There is also no access to the 
'member number' permanently encoded in the microcontroller of secure keyboard 40. 

To obtain a secure I/O communication link from secure keyboard 40, 
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a secure I/O negotiation begins with a bi-directional authentication routine. 
Once this is achieved, the data which is entered via the secure keyboard 40 
is then encrypted and can be sent directly or via the secure I/O communication 
link to a service provider, at a remote location. Each secure keyboard 40 has a 
'member number' permanently encoded in it, which remains even if the encryption 
keys are changed. 

The permanent encoding of a private key, a public (RSA) algorithm seed, 
Keyl and Key2 of a DES algorithm can be achieved by automatic encoding, 
without human intervention so that complete security is insured while keeping 
a user friendly environment 

The 'member number' is a silicon file containing tens of characters. The 
'member number' contains the default value of the encryption keys, personal 
identification number (PIN), attribute codes and control and rescue codes. 
By a special procedure involving the PIN number, the user can change the DES keys 
and public and private keys as well. 

In accordance with the invention, there are two available levels of 
security for secure keyboard device 40, Level I and Level IL 

In Level I, secure keyboard 40 enables entry of data containing numbers 
and values, which have a secret content or a monetary value, and this data is entered 
directly via secure keyboard 40. These numbers and data values are encrypted by 
various methods, including, DES or 3-DES, RC2-RCn, IDEA, HASH, CAST, 
a dynamic exchange of system encryption keys, and public key technology such as 
RSA algorithms, DifFie-Hellman, etc. 

The Level I security level is intended for purchases via the Internet, 
involving relatively small sums. 
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In the Level II security level, the secure keyboard 40 is constructed with a 
Smartcard interface 44, typically located on the side of the keyboard housing. This 
arrangement will enable both Levels I and II to be performed. An encryption routine 
can be used which integrates the microcontroller in secure keyboard 40, with a 
Smartcard security (encryption/decryption) algorithm, and this integration greatly 
enhances the overall security of the secure I/O encryption. Integration of the secure 
keyboard 40 microcontroller and the Smartcard encryption algorithm enables 
secure keyboard mouse 40 to continually adopt new security methodologies and 
encryption/decryption algorithms, which are provided on the Smartcard 14. 

The Level II security level makes it possible for banking institutions, 
which require a high level of security for transfer of encrypted files, to handle 
electronic transfer of large sums of money and for transfers between them. 

The advantage of using a secure keyboard 40 for encryption of data 
is that it is extremely easy, since the user is accustomed to performing computer 
operations via the keyboard. Thus, practically no training or explanation is needed in 
use of secure keyboard 40, and the classification of computers and new models 
generally does not affect the operation of the keyboard. If a change is to be made in 
the system encryption key, due to a breach in system security, this can be performed 
by transmission of new system encryption keys coded by a public key algorithm. It is 
possible to arrange a plurality of system encryption keys which can be automatically 
replaced on a regular basis in relation to the time of day, or the date. 

The Level II security level can be applied to prevent unauthorized use of 
software programs or packages, by use of the secure keyboard 40, with the addition of 
a Smartcard by the manufacturer of the software product. The software package serial 
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number is encrypted onto the Smartcard, which is inserted into the Smartcard interface 
44, and when decrypted, the software is enabled. 

The Level II secure keyboard 40 achieves better security in an easier 
fashion than the security plugs now typically used as an attachment device to a 
keyboard or printer interface. 

The secure keyboard 40 may be applied in all environments, 
including banks and commercial entities, so that their data processing systems have 
the system encryption key stored in the secure keyboard 40. In this way, the system 
encryption key is not kept or stored on any disk, or in the computer memory, 
where it may be exposed to illegal tampering or attempts to breach security. 

Fig. 4 is an electronic block diagram of a secure keyboard 
microcontroller 45 included in the secure keyboard 40 of Fig. 3. A keyboard matrix 
of key contacts 53 is fed as input to the keyboard microcontroller 45. Microcontroller 
45 comprises functional blocks including a CPU 46, flash memory or EEPROM 48 
containing code and default (transport) member number value. Microcontroller 45 
also comprises RAM working registers 47, and EEPROM memory 49, with 
alternate encryption keys, and historical transaction buffer, which records the last 10 
transactions, for example, on the EEPROM memory 49, to resolve billing disputes. 
Microcontroller 45 also comprises public key algorithm 50. Secure keyboard 40 is 
connected via cable 41 and connector 51 to the keyboard interface for 
communication with the host computer. 

As shown in Option A, a Smartcard adapter 44 may be added to the 
system to provide for operation with system encryption keys encoded on Smartcard 
14, or with a Smartcard PIN number or Smartcard security algorithm 



14 



As shown in Option B, a magnetic card reader 42 may be added to the 
system to provide an easy way of using a credit card number. The magnetic card is 
used in security Level I or Level II transactions. 

Fig. 5 is an electronic block diagram of a secure voice recognition 
peripheral device 60 constructed in accordance with the principles of the present 
invention. A secure voice recognition circuit comprises a microphone 62, and a 
microcontroller 61 which comprises an analog switch 64, A/D converter 66 and D/A 
converter 68. Microcontroller 61 comprises functional blocks including a CPU 72, a 
flash memory or EEPROM 74 containing code and default (transport) member 
number value. Microcontroller 61 also comprises RAM working registers 76, and an 
EEPROM data memory 78 which holds alternate encryption keys, a software package 
serial number, and an historical transaction buffer which records the last 10 
transactions, to resolve billing disputes. Microcontroller 61 also comprises a public key 
algorithm 79, A voice signature can also be stored on EEPROM data memory 78. 

In operation, audio input is fed from microphone 62 into A/D converter 
66, under control of CPU 72, via analog switch 64. When the voice signals are 
compared in microcontroller 61 with the voice signature stored in EEPROM data 
memory 78, D/A converter 68 returns the encrypted analog signals to the analog 
switch 64 which sends the analog encrypted data to an optional speech recognitiion 
circuit located in the computer running the service program. 

The voice recognition circuit enables recognition of numbers and special 
words by a voice recognition program which is stored in the code memory 74. The 
voice recognition circuit can be part of a device containing a large number of voice 
recognition programs, and may be operated as a stand-alone device to obtain already 
recognized numbers and transmit an encrypted number. The voice recognition circuit 
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can be part of the new model of keyboards or part of speech add-on recognition cards, 
or part of voice recognition circuits installed on motherboard computer circuits. 

As shown in Option A, a Smartcard adapter 70 may be added to the 
system to provide for operation with system encryption keys encoded on Smartcard 
14, or with a Smartcard PFN number or Smartcard security algorithm 

In order to provide each of the secure I/O peripheral devices, secure 
computer mouse 10, secure keyboard device 40 or secure voice recognition device 

60, with security via encryption algorithms, it is first necessary to perform a secure 
I/O protocol which is designed to prevent the presentation of many keys in a short 
time period. 

Generally, secure I/O peripherals have in their own microcontroller all 
of the necessary memory. Program code is retained in flash code memory 74, and 
long-term random memory is provided by an EEPROM section in microcontroller 

61. The EEPROM memory is electrically erasable and changeable in accordance 
with the changes in the system encryption keys. 

In the manufacturing process of the secure peripherals, an initial member 
number is written in the microcontroller by the manufacturer. For example, 
manufacturer A will provide a code having 8 bytes: 00000000, and manufacturer B 
will provide a code having 8 bytes: 00000001, etc. for as many codes as needed. Using 
this encoded key, the manufacturer can check the production line and send the secure 
peripheral to an encryption center. 

In the hardware configuration of the microcontroller, additional hardware 
is integrated which does not permit more than three authentication routines to be 
performed in consecutive fashion. After an attempt is made to exceed this number 
of routines, the system will automatically wait 3 minutes before allowing additional 
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attempts to be made. Each authentication routine is bi-directional. Upon power-oi 
or reset, the system will wait 3 minutes. This automatic system delay is designed to 
reduce the likelihood of a successfiil breach of security, by method involving 
rapid presentation of different system encryption keys. 

The inventive secure I/O peripherals include all the existing encryption 
techniques, including, DES or 3-DES, RC2-RCn, IDEA, HASH, CAST, a dynamic 
exchange of system encryption keys, and public key technology such as RS A 
algorithms, Diffie-Hellman, etc. Use of each of these techniques is designed to 
guarantee the longevity of the system after its initiation into use. Currently, banking 
encryption systems utilize the DES technique, and most Smartcards do also, except 
for those used in satellite home communications, TV cable channels and special 
applications, in which the Smartcards use the Public key RSA algorithm. 

The communication system implemented in the secure peripheral I/O 
system operates according to the following definitions: 

1) Complete security for the source of money transferred and 
numbers etc. transferred by the network. 

2) Each provider or receiver of services has a 'member number' . 

3) The 'member number', when broadcast, is always encrypted. 

4) In each transaction, part of the 'member number' and the amount of the 
transaction will be kept secure, by the service provider. 

5) The 'member number' is encoded in the secure I/O peripheral 
memory during the definition process performed by the system 
manager. 

6) The supervising authority (governmental, regulatory or service manager) may 
obtain the 'member number and the amount of the transaction. 

7) No party knows the connection between the 'member number' 
and the true identity of the user. 
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8) Blockage of user access will be done by the 'member number'. 

In Figs. 6a-b there are shown flowcharts describing a typical purchase 
transaction using the secure I/O device of the present invention. In block 100, the 
computer connects to the Internet server. In block 102, the computer loads the secure 
I/O application program. In block 104, the computer loads the Internet surfing 
program. In block 106, the user enters an Internet having a virtual shopping mall. 

In block 108, the user chooses the item to be purchased. In block 110, the 
vendor secure I/O program starts the negotiation with the user secure I/O program. 
The secure I/O programs complete the start of the negotiation phase in block 1 12 by 
use of an authentication routine (Fig. 7). 

The authentication routine is an industry standard type, using for example, 
the DES encryption. The routine begins in block 90 when the service provider sends a 
start command to the end user which is acknowleged in block 91 . The service supplier 
creates a random number in block 92 , encrypts it in block, 93 and transmits it to the 
end user via the secure VO peripheral device of the invention. The end user secure VO 
device decrypts the received random number in block 94. At this stage, the end user 
secure I/O device generates a new random number in block 95, and transmits the 
received random number and the generated random number as a packet, encrypted by 
the same key. The service supplier secure I/O device decrypts the received packet in 
block 96, and compares the returned random number to the one it initially generated: If 
it matches, then the service supplier encrypts the end user random number by the same 
key and transmits it back to the end user in block 97. The end user decrypts and 
compares the received random number in block 98 and if it matches in block 99, the 
authentication routine is sucessfully completed in block 101, and an OK is sent. If the 
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returned random number does not match in block 96 or 99, the authentication routine 
fails in block 103. 

In decision blocks 1 14a-b, the completion of the authentication routine is 
tested, and the end user is asked to insert his credit card number in block 1 16. In block 
1 18, the secure I/O device encrypts the credit card number. In block 120, the end user 
is asked to insert his PIN number, and then in block 122, he is asked to repeat entry of 
the PIN number. 

In block 1 24, the secure I/O program checks if the PIN number is OK, and 
in block 126 the secure I/O program encrypts the PIN number. In block 128, the 
service program running on the computer transmits the encrypted number to the 
vendor or service supplier (SRS). In block 130, the SRS decrypts the transmitted data, 
and in decision block 132 the service supplier checks the end user credit card number 
against credit card blacklist of users whose cards are blocked. If the credit card is OK, 
in block 134 the service supplier transmits an encrypted receipt to the end user. Block 
136 is the end of the typical transaction. Block 138 is the exit of the secure I/O 
program. 

Having described the invention with regard to certain specific 
embodiments thereof, it is to be understood that the description is not meant as a 
limitation since further modifications may now suggest themselves to those skilled 
in the art and it is intended to cover such modifications as fall within the scope of the 
appended claims. 
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CLAIMS: 

1 . A secure data entry peripheral device in a computer system, said device 
comprising: 

means for at least one of entry, collection and reading of data information; 

controller means for encoding said data information for presentation to the 
computer system, and 

means associated with said controller for processing said encoded data 
information by performing thereon at least one operation amongst operations including 
encryption, decryption, data manipulation and storage, 

said processed encoded data information providing a secure transaction 
when transmitted within the computer system, and when decrypted and decoded for 
use at a remote location. 

2. The device of claim 1 configured as a secure mouse device. 

3. The device of claim 1 configured as a secure mouse device wherein said 
processing means comprises an electronic device capable of encrypting/decrypting 
data.. 

4. The device of claim 1 configured as a secure mouse device, wherein said 
processing means comprises an electronic device capable of encrypting/decrypting data 
received via asynchronous communication means. 

5. The device of claim 1 configured as a secure mouse device, wherein said 
processing means comprises an electronic device capable of encrypting/decrypting data 
received via computer bus signals transferred through a mouse interface card. 

6. The device of claim 1 configured as a secure mouse device having a mini- 
keypad for entry of data. 
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7. The device of claim 1 configured as a secure mouse device including an 

interface to a Smartcard component as an integral part of the device, wherein said 
processing means comprises an electronic device capable of encrypting/decrypting 
data via an algorithm contained on said Smartcard. 

8 The device of claim 1 configured as a secure mouse device including an 
interface to a Smartcard component as an integral part of the device, wherein said 
processing means comprises an electronic device capable of encrypting/decrypting 
data via manipulation of commands in a command interpreter on said Smartcard. 

9 The device of claim 1 configured as a secure mouse device including an 
interface to a Smartcard component as an integral part of the device, wherein said 
processing means comprises an electronic device capable of preventing unauthorized 
use of software programs. 

10. The device of claim 1 configured as a secure keyboard device, wherein said 

processing means comprises an electronic device capable of encrypting/decrypting 
data entered via said keyboard, 

1 1 The device of claim 1 configured as a secure keyboard device, wherein said 

processing means comprises an electronic device capable of encrypting/decrypting data 
received via keyboard communication signals such as a clock signal, data signal, reset 
signal and the like. 

12. The device of claim 1 configured as a secure keyboard device including an 
interface to a Smartcard component as an integral part of the device, wherein said 
processing means comprises an electronic device capable of encrypting/decrypting 
data via an algorithm contained on said Smartcard. 

13. The device of claim 1 configured as a secure keyboard device including an 
interface to a Smartcard component as an integral part of the device, wherein said 
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processing means comprises an electronic device capable of encrypting/decrypting 
data via said Smartcard. 

14. The device of claim 1 configured as a secure keyboard device including an 

interface to a Smartcard component as an integral part of the device, wherein said 
processing means comprises an electronic device capable of encrypting/decrypting 
data via manipulation of commands in a command interpreter on said Smartcard. 

15. The device of claim 1 configured as a secure keyboard device including an 
interface to a Smartcard component as an integral part of the device, wherein said 
processing means comprises an electronic device capable of preventing unauthorized 
use of software programs. 

16. The device of claim 1 configured as a secure voice recognition device, 
wherein said processing means comprises an electronic device capable of 
encrypting/decrypting analog data entered via a microphone. 

17. The device of claim 1 configured as a secure voice recognition device, 
wherein said processing means comprises an electronic device capable of 
encrypting/decrypting data received via at least one of synchronous and asynchronous 
communication signals, serial clock and data signals, and computer bus signals. 

18. The device of claim 1 configured as a secure voice recognition device 
including an interface to a Smartcard component as an integral part of the device, 
wherein said processing means comprises an electronic device capable of 
encrypting/decrypting data via an algorithm contained on said Smartcard. 

1 9. The device of claim 1 configured as a secure voice recognition device 
including an interface to a Smartcard component as an integral part of the device, 
wherein said processing means comprises an electronic device capable of 
encrypting/decrypting data via said Smartcard.. 
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20. The device of claim 1 configured as a secure voice recognition device 

including an interface to a Smartcard component as an integral part of the device, 
wherein said processing means comprises an electronic device capable of 
encrypting/decrypting data via manipulation of commands in a command interpreter 
on said Smartcard. 

21 . The device of claim 1 configured as a secure voice recognition device 
including an interface to a Smartcard component as an integral part of the device, 
wherein said processing means comprises an electronic device capable of preventing 
unauthorized use of software programs. 

22. A method of providing secure data entry in a computer system, said 
method comprising the steps of: 

performing at least one of entry, collection and reading of data information 
via a standard data entry device including a computer mouse, keyboard, voice system 
and the like; 

encoding said data information within said standard data entry device for 
presentation to the computer system, and 

processing said encoded data information by performing thereon at least 
one operation amongst operations including encryption, decryption, data manipulation 
and storage, 

said processed encoded data information providing a secure transaction 
when transmitted within the computer system, and when decrypted and decoded for 
use at a remote location, 

23. A secure data entry peripheral device in a computer system, substantially 
as described here by way of example and wath reference to the drawings. 
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24. A method of providing secure data entry in a computer system, 

substantially as described here by way of example and with reference to the drawings. 

For the Applicant: 



Edward Langer, Pat/Atty. 
C: 0965 ^ 
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